[go: up one dir, main page]

WO2018138608A3 - Penetration testing of a networked system - Google Patents

Penetration testing of a networked system Download PDF

Info

Publication number
WO2018138608A3
WO2018138608A3 PCT/IB2018/050328 IB2018050328W WO2018138608A3 WO 2018138608 A3 WO2018138608 A3 WO 2018138608A3 IB 2018050328 W IB2018050328 W IB 2018050328W WO 2018138608 A3 WO2018138608 A3 WO 2018138608A3
Authority
WO
WIPO (PCT)
Prior art keywords
rasm
penetration testing
nodes
networked system
hosting
Prior art date
Application number
PCT/IB2018/050328
Other languages
French (fr)
Other versions
WO2018138608A2 (en
Inventor
Boaz GORODISSKY
Adi ASHKENAZI
Ronen Segal
Original Assignee
XM Ltd.
Van Dyke, Marc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by XM Ltd., Van Dyke, Marc filed Critical XM Ltd.
Priority to EP18744986.3A priority Critical patent/EP3560170A4/en
Priority to AU2018212708A priority patent/AU2018212708A1/en
Priority to PCT/IB2018/050417 priority patent/WO2018138640A1/en
Priority to AU2018102184A priority patent/AU2018102184A4/en
Priority to EP18711399.8A priority patent/EP3559852A1/en
Priority to AU2018213164A priority patent/AU2018213164A1/en
Publication of WO2018138608A2 publication Critical patent/WO2018138608A2/en
Publication of WO2018138608A3 publication Critical patent/WO2018138608A3/en
Priority to IL268203A priority patent/IL268203B/en
Priority to IL268204A priority patent/IL268204B/en
Priority to IL272836A priority patent/IL272836B/en
Priority to IL274823A priority patent/IL274823A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • H04L41/046Network management architectures or arrangements comprising network management agents or mobile agents therefor
    • H04L41/048Network management architectures or arrangements comprising network management agents or mobile agents therefor mobile agents

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Technology Law (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Debugging And Monitoring (AREA)
  • Computer And Data Communications (AREA)

Abstract

ABSTRACT Methods and systems for penetration testing of a networked system comprising a set of network-nodes by a penetration testing system (e.g. to enforce first and/or second rules) are disclosed herein. The penetration testing system comprises: (i) reconnaissance agent software module (RASM) installed on multiple nodes (each of which is a RASM-hosting node) of the networked system to be penetration-tested and (ii) a penetration testing software module (PTSM) installed on a remote computing device (RCD). Internal data from each of the RASM- hosting nodes is collected and transmitted to the RCD. Analysis of the internal data collected from multiple RASM-hosting network nodes determines a method for an attacker to compromise the networked system. The first and second rules are defined herein. Alternatively or additionally, one or more of the RASM instances are pre-installed on one or more RASM- hosting nodes before the penetration testing commences.
PCT/IB2018/050328 2017-01-30 2018-01-18 Penetration testing of a networked system WO2018138608A2 (en)

Priority Applications (10)

Application Number Priority Date Filing Date Title
EP18744986.3A EP3560170A4 (en) 2017-01-30 2018-01-18 Penetration testing of a networked system
AU2018212708A AU2018212708A1 (en) 2017-01-30 2018-01-18 Penetration testing of a networked system
AU2018213164A AU2018213164A1 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns
AU2018102184A AU2018102184A4 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns
EP18711399.8A EP3559852A1 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns
PCT/IB2018/050417 WO2018138640A1 (en) 2017-01-30 2018-01-24 Setting up penetration testing campaigns
IL268203A IL268203B (en) 2017-01-30 2019-07-21 Penetration testing of a networked system
IL268204A IL268204B (en) 2017-01-30 2019-07-22 Systems and methods for selecting a termination rule for a penetration testing campaign
IL272836A IL272836B (en) 2017-01-30 2020-02-21 Setting-up penetration testing campaigns
IL274823A IL274823A (en) 2017-01-30 2020-05-21 Setting-up penetration testing campaigns

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201762451850P 2017-01-30 2017-01-30
US62/451,850 2017-01-30

Publications (2)

Publication Number Publication Date
WO2018138608A2 WO2018138608A2 (en) 2018-08-02
WO2018138608A3 true WO2018138608A3 (en) 2019-01-03

Family

ID=62948630

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2018/050328 WO2018138608A2 (en) 2017-01-30 2018-01-18 Penetration testing of a networked system

Country Status (5)

Country Link
US (2) US10637882B2 (en)
EP (1) EP3560170A4 (en)
AU (1) AU2018212708A1 (en)
IL (1) IL268203B (en)
WO (1) WO2018138608A2 (en)

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10999308B2 (en) 2017-01-30 2021-05-04 Xm Cyber Ltd. Setting-up penetration testing campaigns
US10257220B2 (en) 2017-01-30 2019-04-09 Xm Cyber Ltd. Verifying success of compromising a network node during penetration testing of a networked system
US10367846B2 (en) 2017-11-15 2019-07-30 Xm Cyber Ltd. Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign
US10581802B2 (en) 2017-03-16 2020-03-03 Keysight Technologies Singapore (Sales) Pte. Ltd. Methods, systems, and computer readable media for advertising network security capabilities
US10447721B2 (en) 2017-09-13 2019-10-15 Xm Cyber Ltd. Systems and methods for using multiple lateral movement strategies in penetration testing
US10678629B2 (en) * 2017-11-28 2020-06-09 Bank Of America Corporation Dynamic failure-resolution computing engine
US10440044B1 (en) 2018-04-08 2019-10-08 Xm Cyber Ltd. Identifying communicating network nodes in the same local network
US11252172B1 (en) * 2018-05-10 2022-02-15 State Farm Mutual Automobile Insurance Company Systems and methods for automated penetration testing
US11347867B2 (en) * 2018-05-18 2022-05-31 Ns Holdings Llc Methods and apparatuses to evaluate cyber security risk by establishing a probability of a cyber-attack being successful
US10382473B1 (en) 2018-09-12 2019-08-13 Xm Cyber Ltd. Systems and methods for determining optimal remediation recommendations in penetration testing
WO2020089698A1 (en) 2018-11-04 2020-05-07 Xm Cyber Ltd. Using information about exportable data in penetration testing
US10574687B1 (en) 2018-12-13 2020-02-25 Xm Cyber Ltd. Systems and methods for dynamic removal of agents from nodes of penetration testing systems
US10462177B1 (en) 2019-02-06 2019-10-29 Xm Cyber Ltd. Taking privilege escalation into account in penetration testing campaigns
WO2020166016A1 (en) * 2019-02-14 2020-08-20 Nec Corporation Security assessment apparatus, security assessment method, and non-transitory computer readable medium
US11283827B2 (en) 2019-02-28 2022-03-22 Xm Cyber Ltd. Lateral movement strategy during penetration testing of a networked system
CN110048960B (en) * 2019-04-17 2021-03-30 北京理工大学 Distributed flow generation system with message response
US11477226B2 (en) 2019-04-24 2022-10-18 Saudi Arabian Oil Company Online system identification for data reliability enhancement
US11206281B2 (en) 2019-05-08 2021-12-21 Xm Cyber Ltd. Validating the use of user credentials in a penetration testing campaign
US11252173B2 (en) * 2019-06-28 2022-02-15 Keysight Technologies, Inc. Cybersecurity penetration test platform
US10637883B1 (en) 2019-07-04 2020-04-28 Xm Cyber Ltd. Systems and methods for determining optimal remediation recommendations in penetration testing
US10880326B1 (en) 2019-08-01 2020-12-29 Xm Cyber Ltd. Systems and methods for determining an opportunity for node poisoning in a penetration testing campaign, based on actual network traffic
US11645402B2 (en) * 2019-08-15 2023-05-09 Blackberry Limited Methods and systems for identifying compromised devices from file tree structure
US11599639B2 (en) 2019-08-15 2023-03-07 Blackberry Limited Methods and systems for identifying a compromised device through its unmanaged profile
US11343258B2 (en) 2019-08-15 2022-05-24 Blackberry Limited Methods and systems for identifying a compromised device through its managed profile
US11632377B2 (en) 2019-08-15 2023-04-18 Blackberry Limited Methods and systems to identify a compromised device through active testing
US11533329B2 (en) 2019-09-27 2022-12-20 Keysight Technologies, Inc. Methods, systems and computer readable media for threat simulation and threat mitigation recommendations
US11005878B1 (en) 2019-11-07 2021-05-11 Xm Cyber Ltd. Cooperation between reconnaissance agents in penetration testing campaigns
US11575700B2 (en) 2020-01-27 2023-02-07 Xm Cyber Ltd. Systems and methods for displaying an attack vector available to an attacker of a networked system
US11582256B2 (en) 2020-04-06 2023-02-14 Xm Cyber Ltd. Determining multiple ways for compromising a network node in a penetration testing campaign
CN111783105B (en) * 2020-07-08 2024-03-29 国家计算机网络与信息安全管理中心 Penetration test method, device, equipment and storage medium
CN114154162B (en) * 2020-09-08 2024-03-15 中国电信股份有限公司 Penetration test path planning method and device, and computer readable storage medium
CN112636996A (en) * 2020-11-16 2021-04-09 中标软件有限公司 Network security monitoring system and method for distinguishing operation command and echoing in terminal information acquisition
US12153667B2 (en) 2020-12-18 2024-11-26 UiPath, Inc. Security automation using robotic process automation
US11824874B2 (en) * 2021-01-20 2023-11-21 Vmware, Inc. Application security enforcement
US12430442B2 (en) 2021-04-13 2025-09-30 Bank Of America Corporation Electronic system for dynamically performing linked evaluation tests to identify faulty code and vulnerabilities in software programs based on efficacy
US12373572B1 (en) * 2021-10-15 2025-07-29 Bruce McCully System and method for a user activated penetration test
CN114499929B (en) * 2021-12-13 2024-06-28 奇安信科技集团股份有限公司 Method and device for monitoring remote transverse penetration of planned task intranet
CN114615081A (en) * 2022-04-02 2022-06-10 侯殿君 Remote penetration test method and device
CN115242490B (en) * 2022-07-19 2023-09-26 北京计算机技术及应用研究所 Group key secure distribution method and system in trusted environment
CN115643119A (en) * 2022-12-26 2023-01-24 北京微步在线科技有限公司 Network attack detection method and device
CN116112277A (en) * 2023-02-16 2023-05-12 北京华云安信息技术有限公司 A method, device, equipment and storage medium for displaying a penetration attack map
US11792125B1 (en) * 2023-05-16 2023-10-17 Citibank, N.A. Reducing network traffic by filtering network requests based on network request-related information systems and methods
CN117149638B (en) * 2023-09-01 2024-09-03 镁佳(北京)科技有限公司 UI (user interface) automatic testing method and device, computer equipment and storage medium
US12323394B2 (en) 2023-09-29 2025-06-03 ComplyAuto IP LLC Remote computer network security testing
CN118484799B (en) * 2024-07-16 2024-10-01 山东新潮信息技术有限公司 Multi-module penetration test system based on cooperative control

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090044277A1 (en) * 2002-05-29 2009-02-12 Bellsouth Intellectual Property Corporation Non-invasive monitoring of the effectiveness of electronic security services
US20110035803A1 (en) * 2009-08-05 2011-02-10 Core Security Technologies System and method for extending automated penetration testing to develop an intelligent and cost efficient security strategy
US20130014263A1 (en) * 2011-07-08 2013-01-10 Rapid Focus Security, Llc System and method for remotely conducting a security assessment and analysis of a network
US20130031635A1 (en) * 2002-10-01 2013-01-31 Skybox Security, Inc. System, Method and Computer Readable Medium for Evaluating a Security Characteristic
US20140237606A1 (en) * 2011-06-05 2014-08-21 Core Sdi Incorporated System and method for providing automated computer security compromise as a service

Family Cites Families (42)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6574737B1 (en) 1998-12-23 2003-06-03 Symantec Corporation System for penetrating computer or computer network
US7013395B1 (en) * 2001-03-13 2006-03-14 Sandra Corporation Method and tool for network vulnerability analysis
US7228566B2 (en) * 2001-07-10 2007-06-05 Core Sdi, Incorporated Automated computer system security compromise
US8127359B2 (en) * 2003-04-11 2012-02-28 Samir Gurunath Kelekar Systems and methods for real-time network-based vulnerability assessment
US7421734B2 (en) * 2003-10-03 2008-09-02 Verizon Services Corp. Network firewall test methods and apparatus
US7237267B2 (en) * 2003-10-16 2007-06-26 Cisco Technology, Inc. Policy-based network security management
EP2126772B1 (en) * 2007-02-16 2012-05-16 Veracode, Inc. Assessment and analysis of software security flaws
US8365289B2 (en) * 2007-04-12 2013-01-29 Core Sdi, Incorporated System and method for providing network penetration testing
US7953674B2 (en) * 2007-05-17 2011-05-31 Microsoft Corporation Fuzzing system and method for exhaustive security fuzzing within an SQL server
US8464346B2 (en) * 2007-05-24 2013-06-11 Iviz Techno Solutions Pvt. Ltd Method and system simulating a hacking attack on a network
JP2008299217A (en) * 2007-06-01 2008-12-11 Ricoh Co Ltd Development device and image forming device
EP2163027B1 (en) * 2007-06-26 2017-09-13 Core Sdi, Incorporated System and method for simulating computer network attacks
US8650651B2 (en) * 2008-02-08 2014-02-11 International Business Machines Corporation Method and apparatus for security assessment of a computing platform
WO2010069587A1 (en) 2008-12-18 2010-06-24 Nec Europe Ltd. Method and device for supporting penetration testing of a computer system
EP2476238A2 (en) * 2009-09-08 2012-07-18 Core SDI, Incorporated System and method for probabilistic attack planning
US8793799B2 (en) * 2010-11-16 2014-07-29 Booz, Allen & Hamilton Systems and methods for identifying and mitigating information security risks
US10447709B2 (en) * 2010-12-29 2019-10-15 Rapid7, Inc. Methods and systems for integrating reconnaissance with security assessments for computing networks
US9076013B1 (en) * 2011-02-28 2015-07-07 Amazon Technologies, Inc. Managing requests for security services
KR101827232B1 (en) * 2011-05-31 2018-02-07 휴렛 팩커드 엔터프라이즈 디벨롭먼트 엘피 Automated security testing
FI20116278L (en) 2011-12-16 2013-06-17 Codenomicon Oy NETWORK-BASED TESTING SERVICE AND TESTING METHOD IN A NETWORK
US8484741B1 (en) * 2012-01-27 2013-07-09 Chapman Technology Group, Inc. Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams
US8813235B2 (en) * 2012-08-10 2014-08-19 Nopsec Inc. Expert system for detecting software security threats
US9558355B2 (en) * 2012-08-29 2017-01-31 Hewlett Packard Enterprise Development Lp Security scan based on dynamic taint
US9954883B2 (en) * 2012-12-18 2018-04-24 Mcafee, Inc. Automated asset criticality assessment
CN104009881B (en) 2013-02-27 2017-12-19 广东电网公司信息中心 A kind of method and device of system penetration testing
CN103200230B (en) 2013-03-01 2016-01-06 南京理工大学常熟研究院有限公司 Based on the vulnerability scanning method of Mobile agent
KR101794116B1 (en) * 2013-03-18 2017-11-06 더 트러스티스 오브 컬럼비아 유니버시티 인 더 시티 오브 뉴욕 Unsupervised detection of anomalous processes using hardware features
US9292695B1 (en) * 2013-04-10 2016-03-22 Gabriel Bassett System and method for cyber security analysis and human behavior prediction
CN103916384A (en) 2014-01-21 2014-07-09 中国人民解放军信息安全测评认证中心 Penetration testing method for GAP isolation and exchange device
US10237296B2 (en) * 2014-01-27 2019-03-19 Cronus Cyber Technologies Ltd Automated penetration testing device, method and system
US9413780B1 (en) * 2014-05-06 2016-08-09 Synack, Inc. Security assessment incentive method for promoting discovery of computer software vulnerabilities
US9015847B1 (en) * 2014-05-06 2015-04-21 Synack, Inc. Computer system for distributed discovery of vulnerabilities in applications
US9680855B2 (en) * 2014-06-30 2017-06-13 Neo Prime, LLC Probabilistic model for cyber risk forecasting
US10812516B2 (en) * 2014-08-05 2020-10-20 AttackIQ, Inc. Cyber security posture validation platform
WO2016035083A2 (en) * 2014-09-06 2016-03-10 Andriani Matthew Non-disruptive ddos testing
US9699209B2 (en) * 2014-12-29 2017-07-04 Cyence Inc. Cyber vulnerability scan analyses with actionable feedback
US10075474B2 (en) * 2015-02-06 2018-09-11 Honeywell International Inc. Notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications
WO2016164844A1 (en) 2015-04-10 2016-10-13 PhishMe, Inc. Message report processing and threat prioritization
US9473522B1 (en) * 2015-04-20 2016-10-18 SafeBreach Ltd. System and method for securing a computer system against malicious actions by utilizing virtualized elements
US9699205B2 (en) * 2015-08-31 2017-07-04 Splunk Inc. Network security system
US9767291B2 (en) * 2015-10-06 2017-09-19 Netflix, Inc. Systems and methods for security and risk assessment and testing of applications
US20170116421A1 (en) * 2015-10-23 2017-04-27 Hewlett Packard Enterprise Development Lp Security vulnerabilities

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090044277A1 (en) * 2002-05-29 2009-02-12 Bellsouth Intellectual Property Corporation Non-invasive monitoring of the effectiveness of electronic security services
US20130031635A1 (en) * 2002-10-01 2013-01-31 Skybox Security, Inc. System, Method and Computer Readable Medium for Evaluating a Security Characteristic
US20110035803A1 (en) * 2009-08-05 2011-02-10 Core Security Technologies System and method for extending automated penetration testing to develop an intelligent and cost efficient security strategy
US20140237606A1 (en) * 2011-06-05 2014-08-21 Core Sdi Incorporated System and method for providing automated computer security compromise as a service
US20130014263A1 (en) * 2011-07-08 2013-01-10 Rapid Focus Security, Llc System and method for remotely conducting a security assessment and analysis of a network

Also Published As

Publication number Publication date
US10038711B1 (en) 2018-07-31
US20180219904A1 (en) 2018-08-02
IL268203A (en) 2019-09-26
US20180219905A1 (en) 2018-08-02
IL268203B (en) 2020-11-30
EP3560170A2 (en) 2019-10-30
WO2018138608A2 (en) 2018-08-02
EP3560170A4 (en) 2020-07-29
US10637882B2 (en) 2020-04-28
AU2018212708A1 (en) 2019-08-08

Similar Documents

Publication Publication Date Title
WO2018138608A3 (en) Penetration testing of a networked system
MY202763A (en) Security implementation method, device and system
MY189034A (en) Discovery signal design
MX2018012396A (en) Systems and methods for protecting network devices by a firewall.
EA202090711A1 (en) SYSTEM AND METHOD FOR IMPLEMENTATION OF DATA TRANSMISSION OF A SMOKE DETECTOR FROM A SMOKE DETECTOR
WO2010117623A3 (en) System and method for access management and security protection for network accessible computer services
GB2534259A (en) Methods and Systems for Transmitting Data Packets
GB2570423A (en) PTX communication with data analytics engine
MX2013002128A (en) Transmission device, transmission method, reception device, reception method, program, and broadcast system.
FI3000279T3 (en) SIMULTANEOUS WIRELESS COMMUNICATIONS ON LICENSED AND UNLICENSED SPECTRUM
MX2014015189A (en) Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements.
BR112015021712A2 (en) systems and methods for discovering devices in a neighborhood aware network
WO2012122546A3 (en) Biological data networks and methods therefor
WO2013016167A3 (en) Secure network communications for meters
GB2487317A (en) Method and system for processing network events
GB2563965A (en) Authentication of packetized audio signals
US20120173712A1 (en) Method and device for identifying p2p application connections
EP4401376A3 (en) Systems, methods, and apparatus for implementing persistent management agent (pma) functions for the control and coordination of dpu and dslam components
BR112019006457A2 (en) systems and methods for concession free uplink transmission
MX2016004919A (en) Distributed data transmission in data networks.
Postoyan et al. On emulated nonlinear reduced-order observers for networked control systems
WO2017208079A3 (en) Method and system for improving network security
GB201209266D0 (en) Method and system for communicating between devices
EP4386604A3 (en) Interface proxy device for cyber security
BR112018069651A2 (en) method, device and group communication system

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2018744986

Country of ref document: EP

Effective date: 20190726

ENP Entry into the national phase

Ref document number: 2018212708

Country of ref document: AU

Date of ref document: 20180118

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18744986

Country of ref document: EP

Kind code of ref document: A2